503 matches found
CVE-2002-1830
Open Bulletin Board (OpenBB) 1.0.0 RC3 contains an authentication bypass vulnerability that lets remote attackers access modifier options by issuing a direct request to moderator.php with action and ismod parameters. The vulnerability path arises from insufficient access controls on moderator.php...
D-Link DSL Router - Remote Authentication Bypass
D-Link DSL Router - Remote Authentication Bypass source: https://www.securityfocus.com/bid/13679/info Various D-Link DSL routers are susceptible to a remote authentication bypass vulnerability. This issue is due to a failure of the devices to require authentication in certain circumstances. This...
Linksys WET11 - Password Update Remote Authentication Bypass
Linksys WET11 - Password Update Remote Authentication Bypass source: https://www.securityfocus.com/bid/13051/info A remote authentication bypass vulnerability affects Linksys WET11. This issue is due to a failure of the application to validate authentication credentials when processing password...
Linksys WET11 - Password Update Remote Authentication Bypass
source: https://www.securityfocus.com/bid/13051/info A remote authentication bypass vulnerability affects Linksys WET11. This issue is due to a failure of the application to validate authentication credentials when processing password change requests. An attacker may leverage this issue to...
CVE-2004-2254
SurgeLDAP 1.0g Build 12, and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter...
CVE-2004-2443
Jaws 0.3 allows remote attackers to bypass authentication and via an HTTP request to admin.php with the logged cookie set to the MD5 hash of a null password, which is compared against the logged session variable by the loggedon function in application.php...
CVE-2004-1182
hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted 1 username or 2 hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password...
CVE-2004-1605
SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator...
CVE-2002-1413
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" SSL option during a connection...
Serena TeamTrack 6.1.1 - Remote Authentication Bypass
Serena TeamTrack 6.1.1 - Remote Authentication Bypass source: https://www.securityfocus.com/bid/10770/info It has been reported that Serena TeamTrack is affected by remote authentication bypass vulnerability. This issue is due to a design error that allows unauthenticated users to access sensitiv...
Serena TeamTrack 6.1.1 - Remote Authentication Bypass
source: https://www.securityfocus.com/bid/10770/info It has been reported that Serena TeamTrack is affected by remote authentication bypass vulnerability. This issue is due to a design error that allows unauthenticated users to access sensitive scripts. Successful exploitation of this issue will...
LinBit Technologies LINBOX Officeserver - Remote Authentication Bypass
source: https://www.securityfocus.com/bid/10010/info It has been reported that LINBOX is prone to a remote authentication bypass vulnerability. This issue is due to a design error that would allow access to web based administration scripts without proper authorization. This issue may allow...
VocalTec VGW48 Telephony Gateway - Remote Authentication Bypass
VocalTec VGW48 Telephony Gateway - Remote Authentication Bypass source: https://www.securityfocus.com/bid/9876/info It has been reported that the VGW4/8 Telephony Gateway is prone to a remote authentication bypass vulnerability via its web configuration tool. The problem is due to a design error ...
VocalTec VGW4/8 Telephony Gateway - Remote Authentication Bypass
source: https://www.securityfocus.com/bid/9876/info It has been reported that the VGW4/8 Telephony Gateway is prone to a remote authentication bypass vulnerability via its web configuration tool. The problem is due to a design error in the application that allows a user to access configuration...
CVE-2003-0215
SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allows remote attackers to bypass authentication via the 1 username and 2 password fields, and possibly other fields...
CVE-2002-1882
Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors...
CVE-2002-0522
ASP-Nuke RC2 and earlier allows remote attackers to bypass authentication and gain privileges by modifying the "pseudo" cookie...
CVE-2002-0588
PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to 1 add.php or 2 del.php...
CVE-2002-0613
dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the userloggedin or userdnstoolsadministrator parameters...
CVE-2002-0275
Falcon web server 2.0.0.1020 and earlier allows remote attackers to bypass authentication and read restricted files via an extra / slash in the requested URL...